ff398d609915c60128e6ffeabfae684a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff398d609915c60128e6ffeabfae684a_JaffaCakes118
Size

40KB
MD5

ff398d609915c60128e6ffeabfae684a
SHA1

ae82432945be48100a7c9206f181b18346ce35c3
SHA256

903475b14a9bde9ec071e9511355f974d8a64cfb8bea8b48de3e36fef1990a2a
SHA512

7cadb14cb078a52ae84841a47e4829fc2715752ac4c38f1a1cd4c229495c8826f7a5f743b6032f318f74553d2cd1bc6f8d12bf6eadf0350234f3a928e15593e4
SSDEEP

384:Mc1jxHnL5GNPMYJJIwL6C/DeCG4Pl8uywtGc1dE5eRaiKMC:b9HL5UA2ejuykBdQiKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff398d609915c60128e6ffeabfae684a_JaffaCakes118

Files

ff398d609915c60128e6ffeabfae684a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83a86567b25bd9c4bd5ab9890c090840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetStartupInfoA
GetModuleHandleA

Sections

.text
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 642B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE